Adding a GMail guest user to Microsoft Teams using one-time passcode (.. and something about federated authentication too)

One of the recent updates (might be still rolling out) to guest access is to allow adding guests without the need to create a Microsoft Account during the process. Guests can use their Gmail email. For more information about guest access in general, check Docs.Microsoft.Com article and this roadmap item.

Note this one-time passcode isn’t 1:1 the roadmap item shown above. I have added a section to the end of this blog post to tell about Google authentication in federated way.

I tested this with a GMail account I just created for this purpose. This relies on sending a verification code each time to that address when you try to sign in, instead of creating a Microsoft Account. You start by adding the guest as usual.

They receive an email that they have been added to a team:

Once they try to log in to Teams, they will get information about the verification code.


After entering the code, you grant access



And you are in, no need to enter or create new passwords or accounts:


Logging back to Teams later

When you log back to Teams later with this account you will need to have your email open, since you don’t have a password for Teams. Start logging in by entering your email into login dialog.

Click on the blue text “sign in with a one-time code sent to your email”

You will receive the verification code

And you are right back in!

Federated Google authentication and Teams

I got some feedback about this (thank you all! ❤) and a point to go into this Docs article that describes how to setup a federation to support Google authentication to Teams directly – without any passcodes, but using the google identity.

I tested the federation and it works like a charm! I was able to create a another Google Gmail account and login into Teams. This time without passcodes. I couldn’t change the existing account to support it, but a quick & dirty demo way was to create a new one.

The article contains a good step by step way how to activate Google federation to your tenant, so I am not repeating the step in this one.

Just keep in mind that once the account is setup to use OTP authentication you may not be able to switch it to use federated Google authentication. At least not from UI. Perhaps someone knowing more about Azure AD identities can provide some information about how to do it.

4 thoughts on “Adding a GMail guest user to Microsoft Teams using one-time passcode (.. and something about federated authentication too)

  1. I got an invitation to join a Team.. but did’t recieve any codes! I checked my Spam-inbox… still empty! After one hour I received an code, but then I got the message: you asked too many codes for today, you can try it for tomorrow. And today is tomorrow: I got the same message! Does someone have the solution? I have the meeting tonight.. and several calls to the Microsoft helpdesk didn’t help me out!

    Like

    1. If you have to use the team, then I suggest that don’t request multiple codes since email does takes it time sometimes – unfortunately. You just request it once and wait.

      You can join a meeting without being a member of that team! You won’t have a meeting chat available (or access to files) if it is a channel meeting but at least you can get into the meeting.

      Alternatives:
      Create or use an existing Microsoft Account ( https://account.microsoft.com/ ) and ask them to add that one into the team. Don’t recreate with the exact same email as you had when trying to get in using the one-time passcode. This way you need to remember & manage another account but it is the easiest.
      Create an another gmail account and try to get passcode email in time there. However, I do recommend Microsoft Account this time because you have less room for errors and there is no passcode emails.

      I hope some of these works out for you and you get into the team & meeting!

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.